2# NEW BOOKS and MULTIMEDIA
li
/
this book by providing the (C-like) pseu-
docode of what essentially happ’ens
behind the scenes when certain c m-
mands are invoked (we are warned not
t
to expect that the pseudocode is a qne-
to-one reflection of the actual Ci co
source code, but rather a summariz d
idea of the control flow). That beidg
l+
said, understanding the internals boil
down to understanding the pseudocode,
possibly alienating some readers n t
keen on reading code. Nevertheless, one sl’
can approach the pseudocode on an hs
needed basis, when the behavior of c Im-
mands is not exactly as intuitive as Xne
might expect. The reader is assumed to
be familiar with networking, but a short
review of IP addressing and its relation
to routing is nevertheless provided in the
introduction. A chapter describes the
routing information organization and
management inside Cisco routers, fol-
lowed by a chapter that describes the IP
forwarding process options present in
Cisco routers: fast, optimum, distributed,
NetFlow, and Cisco Express forwarding.
After the internal mechanisms and for-
warding options come the chapters on
actual routing protocols: static routing,
dynamic routing, distance vector proto-
cols (RIP and IGRP), and link state pro-
tocols (OSPF and IS-IS). A separate
chapter describes Enhanced IGRP,
Cisco’s proprietary protocol. The style is
geared toward answering specific ques-
tions as to why things work in a particu-
lar way, instead of just how. Consistent
with the book’s scope, each chapter
includes several examples and is followed
by a Q-and-A section of the most fre-
quently asked questions.
Internet and lntranet S e w r i b
2nd Edition
Rolf Opplinger, 2002, Artech House,
ISBN 1-58053-166-0, 403 pages,
hardcover.
Rolf Opplinger’s book is an attempt to
present security in networks (intra- and
internets) in a unified fashion. For a
long part of the book, networking and
cryptography are presented separately,
coming together in the second half
(“Communications Security”). The con-
tents cover not just cryptographic
aspects of security but also general-pur-
pose security mechanisms that can be
used to enhance security, such as packet
filtering and firewalling. The first part
lays the foundations, including terminol-
ogy, basics of TCPIIP, types and nature
of attacks, the OS1 security architecture,
and a brief review of cryptographic
techniques followed by authentication
and key distribution techniques. Specifi-
IEEE Network March/April2002
cally the cryptographic techniques
include DES, 3DES, IDEA, SAFER,
Blowfish, CAST-128, RC2, RC4, RC5,
RC6, AES, RSA, Diffie-Hellman, EIGa-
mal, DSS, ECC, digital envelopes, key
protection, and pseudorandom
sequences, as well as certain legal issues.
The reader should be warned that the
P presentation of cryptographic techniques
I .
is severely condensed (the topics listed
above take less than 28 pages of the
book); if interested in the properties and
limitations of a scheme, instead of just its
application, the reader is advised to seek
other sources of information. From the
remaining parts, the second is devoted to
firewalls: packet filtering, SOCKS, appli-
cation-level gateways, configuration of
firewalls, and in gcneral the architectural
elements of a potentially secured net-
work. The communications part pays
attention to a handful of specific proto-
cols at different layers of the protocol
stack, explaining their principles of oper-
ation. These include MS-PPTP, IPsec,
SKIP, I D E , SSL, TLS, Kerberos,
SESAME, PGP, and SWIME. The book
ends with a discussion of PKI (certifi-
cates and certificate authorities), and a
short overview of electronic commerce,
risk management policies and principles.
Overall, the book is written for an audi-
ence without necessarily a significant
technical background who wish to quick-
ly rcview a broad introduction to the
available techniques and protocols of
network security.
If‘ SANS,A Guide to iSCSI/
iFCP, and FCIP, Protoco/s for
Storage Area Networks
Tom Clark, 2002, Addison-Wesley,
ISBN 0-201-75277-8, 288 pages, soft-
cover.
The objective of storage area networks
(SANs) is to produce logical storage
units that are in fact scalable collections
of storage devices over a network.
While storage devices are well appreci-
ated as scalable in terms of capacity at a
nearly exponential rate, the extent to
which a specific network technology is
to be uscd and its shortcomings, in
terms of scalability, are still an issue for
research and development. One prevail-
ing school of thought advocates the use
of IP as the network technology of
choice. The deployment of SANs over
IP requires the solution to a plethora of
problems because of the need of a lega-
cy general-purpose internetworking pro-
tocol (IP) to efficiently support
relatively recent protocols, of special-
ized n a t u r e (SCSI, Fibre Channel),
some not even intended for WAN
deployment. Part of the problem is
purely the syntactical aspect of such
protocols (performance being the other
one) that allow, for example, SCSI com-
mands to be conveyed via IP. To this
extent, t h e book presents the SCSI
Architecture Model (SAM-2), and SCSI
architecture in general ( C h a p t e r 4)
which is key to understanding the rest.
A sequence of chapters ( 5 , 6, and 7 )
provide a review of IP, UDP, and TCP
for those unfamiliar with networking.
T h e rest of the book centers around
IETF’s Fibre Channel over IP (FCIP),
I n t e r n e t Fibre Channel Protocol
(iFCP), and I n t e r n e t SCSI (iSCSI).
These protocols are described in detail,
and they correspond to, respectively, FC
extensions to connect remote F C SANS
via IP (FCIP), mapping between IP and
FC end nodes (iFCP), and replacement
of FC and devices with native IP storage
devices (iSCSI). Another important fac-
tor of IP SANs, especially in larger
installations, is their management; this is
covered in Chapter 9 through presenta-
tion of the Internet Storage Name Server
(iSNS) protocol. To complete the pre-
sentation, security and quality of service
of S A N S are presented, even though they
are not as closely related to SANs alone
per se, but rather to IP security and QoS.
Arguments to convince the reader of the
value of the application potential of
SANs can be found in Chapter 13, from
obvious choices (backup) to perfor-
mance-driven applications (server clus-
tering and massive data distribution).
Appendices provide information about
the Storage Networking Industry Associ- ‘
ation (SNIA) and IP storage (and rela’t-
ed) vendors.
java.rmi The Remote Method
Invocation Guide
Esmond Pitt and Kathleen McNiff,
2001, Addison-Wesley, ISBN 0-201-
70043-3, 2 8 4 pages, softcover.
The idea of distributed programming
across heterogeneous CPUs, OSs, lan-
guages, and data formats has galva-
nized researchers and software
developers alike, producing, for exam-
ple, RPC and CORBA. The emergence
of Java as a universal programming
language led, naturally, to its use as a
step toward simplifying distributed sys-
tems programming. The bulk of func-
tionality in s u p p o r t of distributed
applications under Java is known as the
R e m o t e Method Invocation ( R M I )
API. RMI is already quite popular in
the development of applications, but
the range of information necessary
(which goes beyond the Java RMI doc-
~
5
c1 NEW BOOKS and MULTIMEDIA
umentation) to fully exploit its power is
not widely available. The book by Pitt
and McNiff hopes t o fill this gap as
well as t o raise b o t h awareness of
RMI's potential and to link the con-
cepts of distributed programming t o
corresponding constructs in R M I ,
exposing, in the pi-ocess, the internals
of RMI and its des,ign. The audience is
expected to be reasonably knowledge-
able with Java as well as familiar with
0-0concepts (inheritance and poly-
morphism). In particular, the reader is
assumed to be aware of the networking
classes Socket and Serversocket. The
newcomer t o R M I will find the first
nine chapters the most helpful to start
writing applications. These chapters
include, apart from introduction and
concepts, the semantics of RMI, serial-
ization, remote interfaces, the R M I
registry, basic client and server pro-
gramming, basic security, and tcch-
niques/support f o r mobile code
execution. T h e p r o g r a m m e r m o r e
familiar with distributed programming
and elements of RMI finds better use
for the following three chapters that
provide detailed information on activa-
tion (essential to provide the illusion of
persistent reference to an object in a
distributed environment), socket facto-
ries, and example architectures for
agents programming as an example of
the design patterns facilitated by the
RMI programming paradigm. The last
part of the book presents alternatives
and extensions t o the standard R M I
implementation (JNDI, naming ser-
vices, Jini, CORBA/IIOP, SSL): topics
0 IEEE 802 PERSPECTIVES/Edited by Paul Nikolich
The IEEE 802 L.ocal and Metropoli-
tan Area Network (LAN/MAN) Stan-
dards Committee is an international
standards developing organization con-
sisting of more than 1000 individual net-
working experts located worldwide. The
major industry standards now in devel-
opment by I E E E 802 a r e E t h e r n e t
(CSMA/CD), Wireless Local Area Net-
works (WLAN), Wireless Personal Area
Networks (WPAN), Broadband Wire-
less Access (BWA), Resilient Packet
Ring (RPR), and Bridging/Architecture
that provide the basis for enterprise net-
working. There are about 50 IEEE 802
LANJMAN standards and five major
ISO/IEC/JTCl 8802 series equivalent
standards covering the broad spectrum
of LAN/MAN standards.
These perspectives have appeared in
some issues of I E E E Network since
September 1997 and are aimed to pro-
6 IEEE Network
in the periphery of RMI proper, but
likely to be encountered when deploy-
ing elaborate or specialized applica-
tions.
Networks for Computer Scien-
tists and Engineers
YGlu Zheng and Shakil Akhtar, 2002,
Oxford University Press, ISBN 0-19-
5 1 1398-5, 575 pages, hardcover.
Among available undergraduate net-
works texts, t h e o n e by Zhcng and
Akhtar follows a particularly interesting
structure. First, two example applica-
tions introduce corresponding architec-
tures: voice 'communication for
telephone networks on one hand, client-
server applications for packet-switched
networks on the other. Mechanisms are
presented to illustrate how such net-
works operate. The examples lead to
more detailed information, such as the
distinction along the lines of topology
and the need for standards. The second
part deals with the principles of data
communications at the level of signals
and modulation but is, oddly, comple-
mented by a section on videoconferenc-
ing (applications and standards). The
OS1 reference model is next, but once
more the chapter includes, oddly
enough (since a separate chapter on the
topic exists), an introduction to network
performance. T h e OS1 model is fol-
lowed by LAN technologies (the majori-
ty of which is a description of the IEEE
802 standards), including hardware
aspects, with the somewhat misplaced
vide the reader with highlights of IEEE
802 activities to enable better dissemina-
tion of these standards into marketable
products as well as seek new ideas to be
brought into the IEEE 802 arena.
This perspective will provide a brief
overview of the I E E E 802 standards
development process. A Web page
where additional information can be
obtained on IEEE 802 activities, meet-
ing dates, and organization is located at
http://www.ieee802.org.
Subsequent columns will contain
highlights of specific standards in devel-
opment. Some of the exciting topics in
IEEE 802 are 10 Gigabit Ethernet and
how Ethernet will migrate outward from
the enterprise to the first mile, powered
Ethernet, and the growing diversity of
wireless communication networks.
Please send suggestions, criticisms, and
requests for future article topics t o
addition of LAN operating systems. A
single chapter describes TCP/IP, from
addressing to IP to essentials of routing
and transport layer protocols (TCP and
UDP), ending with applications (SMTP,
FTP, POP3, Telnet, DNS) as well as
dialup data link protocols (SLIP, PPP).
What is surprising is the relatively
sparse information on HTTP despite a
section devoted to Web applications.
The next theme discusses access and
high-speed technologies. This is really a
chapter on both the last mile, as well as
on LAN and WAN protocols, namely
ISDN, DSL, SMDS, Frame Relay,
FDDI, High Speed Ethernet, FDDI and
CDDI, ATM, SONET, and D W D M .
The switching and virtual LAN chapter
spans from hubs to LAN switches, intro-
ducing VLANs and eventually A T M
switches, but lacking in terms of
describing bridging protocols. Network
performance presents analytical (basic
queuing), simulation, and network traf-
fic monitoring. The network manage-
ment chapter covers b o t h t h e usual
suspects (SNMP and R M O N ) and
telecommunications management net-
work (TMN). The coverage of cryptog-
raphy and security is fairly
comprehensive (secret and public key
crypto, DES and AES, MD5, PGP, PKI,
firewall architectures and types, Ker-
heros, VPNs, smart cards, etc.). Con-
cluding is a chapter o n network
programming, with a typical introduc-
tion to sockets (and Winsock) program-
ming plus low-level programming over
serial or parallel ports, as well as basics
of RPC and Java programming.
p.nikolich@ieee, IEEE 802 chair.
As a final note, Jim Carlo retired
from the 802 Chair position in Novem-
ber 2001. I wish to thank Jim for the ._
leadership and mentorship he has pro-
vided to IEEE 802 since he took over as
Chair in 1996.
Paul Nikolich
Biography
PAUL NIKOLICH
wos elected to the IEEE802 Chair in
November 2001 after serving as IEEE 802 Vice
Chair since 1996. He has led product, technology,
and standaids development activities at several
companies since the early 1980s. Most recently he
was co-founder of Broadband Access Systems, Inc.,
a supplier of carrier class networking equipment to
cable television system operators. He currently i s on
independent consultant working closely with YAS
Broadband Ventures, LLC on investing in early stage
startup companies
March/April 2002